The contents of this legacy page are no longer maintained nor supported, and are made available only for historical purposes.

Cybersecurity: Leveraging the Science and Technology of Internet Mapping for Homeland Security (2008-2011)

The CAIDA Cybersecurity Project "Leveraging the Science and Technology of Internet Mapping for Homeland Security" (contract N66001-08-C-2029 with the DHS Science and Technology Directorate) started in March 2008. Our primary objective is to develop technologies and gather data that will increase situational awareness of Internet topology structure, behavior, and vulnerabilities.

This page is the original statement of work for March 2008 through June 2011).

Sponsored by:
Department of Homeland Security (DHS)

Principal Investigator: kc claffy

Funding source:  N66001-08-C-2029 Period of performance: March 21, 2008 - June 30, 2012.


Statement of Work (2008-2011)

In this project, we are applying a decade of experience in Internet topology measurement, analysis, modeling, and visualization capabilities to DHS' immediate cybersecurity needs to understand and protect essential U.S. information infrastructure.

The ultimate deliverables are periodic updates for router-level and AS-level Internet topologies integrated into the dual-layer router+AS-level topologies, and richly annotated with AS business relationships, geographic, latency, etc., attributes. To achieve this main task, the project will also deliver a new Internet topology data acquisition infrastructure and Internet topology data processing, analysis, annotation, and generations software.

Tasks and deliverables for the entire effort are separated into three phases:

Phase I: Applied Research (March 2008 - September 2009)

Task Number Task Description
Task 1 Establish ongoing measurements of IPv4 topology using Archipelago measurement infrastructure. Complete initial deployment and debugging of Archipelago monitors and software. Start an ongoing IPv4 topology data collection. Continue to expand the Archipelago measurement infrastructure.
Task 2 Build a router-level graph of the Internet. Evaluate existing Ip-to-router resolution techniques. Select the best tool and collect data for aliases resolution. Derive a router-level graph from Ark data and aliases data.
Task 3 Build a dual AS-router level graph of the Internet. Derive an AS-level graph of the Internet from Ark data and BGP data. Develop methodology of merging the router-level and AS-level graphs into a dual topology graph of the Internet. Produce an experimental dual graph of the Internet topology. Validate the resulting graph vs. other internationally recognized sources of Internet topology data. Release software for calculation and comprehensive analysis of topology characteristics.

Phase II: Development (October 2009 - September 2010)

Task Number Task Description
Task 4 Continue to improve the Archipelago measurements. Deploy 15 additional monitors. Prototype IPv6 topology measurements.
Task 5 Develop software for automated merging of router-level and AS-level graphs into a dual topology. Develop software for automated construction of router-level topology graphs. Update software for automated constrution of AS-level graphs. Develop software for building dual AS-router level topology graphs.
Task 6 Develop software for annotating dual graphs of the Internet. Provide automated annotation of AS-graphs with AS types and business relationships. Compare existing geolocation tools. Develop software for adding geolocation annotations to dual graphs. (optional) Develop software for adding latencies annotations to dual graph.
Task 7 Develop visualization methods for annotated dual AS-router Internet topology.

Phase III: Deployment (October 2010 - March 2011)

Task Number Task Description
Task 8 Continue to improve the Archipelago measurements. Implement recommendations for improving Internet topology measurement learned during Phase I and II of the project. Deploy 10 additional monitors.
Task 9 Advise sponsors regarding use of data to support understanding of critical infrastructure for national security needs. Enrich our AS-ranking suite using all available measurement data and annotations. Validate our automated annotated dual graphs vs. other topology sources. Implement topology generator using annotated dual graphs methodology. Integrate telco hotel datasets into out data.

Deliverables

# Associated Task Deliverable Description Type Due date Status
1 Task 1 Row IPv4 topology data collected on Ark platform data Jul 2008 Done
2 Task 2 Recommendations for best IP aliases resolution techniques report Oct 2008 Done
3 Task 2 Data for IP-to-router resolution data Dec 2008 Done
4 Task 3 Ark-based router-level graph data Jan 2009 Done (requires password)
5 Task 3 Ark-based AS-level graph data Jan 2009 Done
6 Task 3 Ark-based dual AS-router topologies data Jun 2009 Done
7 Task 3 Caveats and recommendations regarding Ark-based topology measurements report Sep 2009 Done
8 Task 3 Comprehensive software suite for topology characteristics software Dec 2009 Done
9 Task 4 Improve Ark-based topology data data Nov 2009 Done
10 Task 5 Regular updates of router-level graphs data Jan 2010 Done
11 Task 5 Regular updates of annotated AS-level graphs data Jan 2010 Done
12 Task 5 Software for automated merging of router-level and AS-level topologies software Mar 2010 Done
13 Task 5 Regular updates of dual Internet topologies data May 2010 Done
14 Task 6 Recommendations for best geolocation tools report Dec 2010 Done
15 Task 6 Annotated dual AS-router graphs data Oct 2010 Done
16 Task 6 Preliminary IPv6 topology data data Sep 2010 Done
17 Task 7 Visualization of annotated dual AS-router graphs report Sep 2010 Done
18 Task 8 Improved Internet topology data data Nov 2010 Done
19 Task 9 Generator for annotated dual Internet topologies at the AS-level and router-level software Jan 2011 Done
20 Task 9 Ark/skitter/DIMES topology comparisons at different levels of granularity report Mar 2011
21 Task 9 AS-ranking++ software Mar 2011 Done
22 Task 9 Recommendations for the next generation of Internet topology measurement platforms report Mar 2011 Done

Related Links

Published
Last Modified